← Back to branch summary

~ubuntu-branches/ubuntu/dapper/cyrus-sasl2/dapper-proposed

~ubuntu-branches/ubuntu/dapper/cyrus-sasl2/dapper-proposed

« back to all changes in this revision

Viewing changes to debian/changelog

Committer: Bazaar Package Importer
Author(s): Martin Pitt
Date: 2006-04-24 11:58:30 UTC
Revision ID: james.westby@ubuntu.com-20060424115830-yisaords2tg9dxxf

Tags: 2.1.19.dfsg1-0.1ubuntu2

* SECURITY UPDATE: Remote DoS with crafted realms during DIGEST-MD5
  negotiation.
* Add debian/patches/27_upstream_cvs_digest-md5-crash.diff:
  - plugins/digestmd5.c: Check that the provided realm is valid to avoid
    crash.
  - Patch taken from upstream CVS, fixed upstream in 2.1.21:
    https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/
    plugins/digestmd5.c.diff?r1=1.173&r2=1.175&f=u
* CVE-2006-1721

files added:
debian/patches/27_upstream_cvs_digest-md5-crash.diff

files modified:
debian/changelog

Show diffs side-by-side

added added

removed removed

debian/changelog

1

cyrus-sasl2 (2.1.19.dfsg1-0.1ubuntu2) dapper; urgency=low

2

3

* SECURITY UPDATE: Remote DoS with crafted realms during DIGEST-MD5

4

negotiation.

5

* Add debian/patches/27_upstream_cvs_digest-md5-crash.diff:

6

- plugins/digestmd5.c: Check that the provided realm is valid to avoid

7

crash.

8

- Patch taken from upstream CVS, fixed upstream in 2.1.21:

9

https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/

10

plugins/digestmd5.c.diff?r1=1.173&r2=1.175&f=u

11

* CVE-2006-1721

12

13

-- Martin Pitt <martin.pitt@ubuntu.com> Mon, 24 Apr 2006 11:58:30 +0200

14

1

15

cyrus-sasl2 (2.1.19.dfsg1-0.1ubuntu1) dapper; urgency=low

2

16

3

17

* Synchronize to Debian (#28137)

Older »